If it is not already high on their agenda, becoming familiar with the requirements of the Protection of Personal Information Act (Popi Act) should be a priority for insurers and loss adjusters.

This is the view of Jay Page, senior associate at law firm Bowmans, who says that in the UK last year, a firm of loss adjusters was found guilty of unlawfully disclosing personal data illegally obtained by its staff and by private investigators. “Sentencing took place earlier this year and fines of more than EUR 150 000 were imposed in terms of the UK Data Protection Act,” she says. “The perpetrators were found to have illegally obtained the private bank records of an individual whom they were investigating.”

Page says the Popi Act is largely based on its UK counterpart.

She says that, In the course of investigating a claim, loss adjusters routinely, if it is merited, conduct a thorough investigation not only into the circumstances of the claim, but also into the policyholder. The investigation can be “particularly intensive” when there is a suspicion of fraud or a suspicion that the claim has been exaggerated.

While it is justified in certain cases to investigate further, Page says, insurers, loss adjusters and their employees must be wary of falling foul of data protection laws and of their duties to treat customers fairly.

One practice that is not sanctioned is “blagging”, Page says. This involves calling up an organisation that holds private information and posing as an employee or as the actual individual under investigation in order to obtain private data. “This would be crossing the line, as would phone ‘tapping’ and intrusive surveillance.”

Searching online social media sites, as well as surveillance such as video recordings, on the other hand, may be justified as long as there is no invasion of the individual’s private space, Page says.